Hey everyone, We just enabled a feature on the LIVEcommunity that allows for products to be linked inside of discussions or articles.. this helps cross link information throughout the site, especially useful if you are looking for specific informatio...
To all, Just wanted to post a message about the Hot Topic right now, which is Covid-19. With all of this going around, everybody's health and safely is the utmost concern. Keeping your hands clean, washing your hands (A LOT), using hand sanitizers, a...
I've had a total brain fade, and am unable to figure this out. Hoping you guys can help. Network topology is relatively simple. Firewall has three zones - outside, inside and DMZ - DMZ has a /25 of "real" Internet addresses on it. Outside has a /30, ...
Is there a report that I can run that will show me every rule that has tcp service applied? For example let's say migration tool is not an option and I do not want to scroll through 3000 rules to manually look. Or can I can export all rules and someh...
Hi There, At one of our sites we fell vicitim and have the dreaded any any security policy in place. We are trying to determine the best course of action to lock it down. Would I create tap firewall ports and span all the traffic, then create new rul...
We are thinking of creating a DoS rule and I was wondering what the group thinks of this rule and what affect it would have.
We have two 3050 units managed by Panorama. I have two related questions: What is the difference between Apps and Contents in Dynamic Updates? If we have a support contract for the firewalls and Panorama but don't subscribe to Antivirus, Threats and ...
As the subject states we are single PA500 shop now moving to Dual PA820 in HA.What can I expect when moving to this type of setup coming from a single FW setup.Is there anything I need to look out for any "Gotchas"? So far I know I am using 5 copper ...
Hey all!I have a problem with my second passive PA-3020. (7.1.7)We had a loss of power so the firewall was shutdown hard.When it's booting now, the autocommit fails.When I do a commit force, it says: "Threat database handler failed".Then I stumbled o...
Hi So setup my HA cluster woo hoo. So now I have setup panoram I have gone to managed devices and added in my 2 PA from above - by serial number, I can see then, I can change context into them. I went to each PA and add in the FQDN for the panoram in...
In Panorama where are the adminsitrator access logs? I.e. if I want to see when a adminsitrator user last accessed the system. I know where that is on the PA firewalls, but on Panorama??
When one is looking at interface counters, does "rate severity" provide context for the "value"?Since in some cases 1000 drops is not a big deal while others it may be. name value rate severity category aspect description-----------------------------...
I am looking for the best solution on forwarding taffic and audit logs to a Panorama without registering the firewalls in panorama. The goal is that Panorama should not manage those firewalls as they are in lab environment but would collect logs only...
we recently upgraded from PAN-OS 7.1.10 to 8.0.2 and some (but not all) websites are no longer decrypting For instance, gmail doesn't decrypt anymore and we have a rule that allowed that application. Since that traffic isn't decrypted, it comes up as...
Hi, I have minemeld running on Azure and it processes and creates feeds as I would expect and can view them in a browser. The only change from the inital Azure build I have done is to install my own go-daddy SSL cert so out the box browsers will trus...
Getting error while executiing sudo apt-get update && sudo apt-get install -y minemeld rsyslog-minemeld rsyslog-mmnormalize Error Failed to Fetch http://minemeld-updates.panw.io/ubuntu/dists/trysty-minemeld/main/binary-amd64/packages 403 Forbidden [I...
Is there any way to negate adding a prefix to the GP Access Routes? We have an app that we don't want to change the communication path when a machine connects with GP. So if it was accessing this app through an external method it should remain that w...
on:
Regarding access between two sites
on:
flow_fpga_ingress_exception_err and high latency
on:
File blocking allow MS 365 Office installs and Windows updates
on:
Agentless User ID based network administration control using Windows AD server for PAN-OS
on:
Destination Zone
